CVE-2005-0296

4 documents4 sources

Severity

5.0MEDIUM

EPSS

0.6%

top 29.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Groupwise Novell Groupwise Webaccess

Timeline

PublishedJan 17

Latest updateMay 1

Description

NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDnovell/groupwise_webaccess6.0, 6.5+1

▶NVDnovell/groupwise6.0, 6.5+1

🔴Vulnerability Details

GHSA

GHSA-9mj8-q989-63hw: ** DISPUTED ** NOTE: this issue has been disputed by the vendor↗2022-05-01

▶

CVEList

CVE-2005-0296: NOTE: this issue has been disputed by the vendor↗2005-02-10

▶